This invention relates to an IC card system to be used as, for example, a transaction terminal installed in a bank for transmitting data input by the user to a host computer, using an IC card which stores encoding key data, and also to a method for securing the IC card system.
In a transaction terminal installed in a bank, data input by the user, such as a password, an amount of money, etc., is encoded in light of security before it is transmitted to, for example, a host computer. The data input by the user is supplied to a control circuit, where it is encoded using key data stored in a hard disk or a semiconductor element under the control of the control circuit. There is a case where an IC card is used as a semiconductor element which stores encoding key data.
To enhance security, it is necessary to exchange encoding key data with new one after it is used for a certain period of time. If the encoding key data is stored in a hard disk or a semiconductor element on an electric unit, very complicated means must be used to exchange it.
There is a case where encoding is performed by use of an IC card which stores encoding key data and a reader device for reading the data. In this case, the encoding key data can be exchanged with new one very easily in a short time, since it can be done by exchanging only the IC card with another.
However, the encoding key data which can be easily exchanged can be easily stolen and decoded, too.